1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-20 04:02:27 +00:00
Commit Graph

90 Commits

Author SHA1 Message Date
Clement Laforet
4598cbe127 - Ensure we use correct OpenSSL libs [1]
- Fix multiprofiles support in rc script [2]

PR:             ports/100315 [1],
                ports/109536 [2]
Submitted by:   Jo Rhett <jrhett@svcolo.com> [1]
                Eygene Ryabinkin <rea-fbsd@codelabs.ru> [2]
2007-03-17 16:03:24 +00:00
Clement Laforet
b16c9ff024 - Update to 2.2.4
- Add dumpio module
- Fix rcorder [1]

PR:		ports/106429 [1]
Submitted by:	Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> [1]
2007-01-13 12:13:12 +00:00
Clement Laforet
2ca1ad3194 - Update MySQL apr_dbd to rev 57
- Add support for itk mpm
- Update doc [1]

Reported by:	Volodymyr Kostyrko <arcade@synergetica.dn.ua> [1]
2006-11-05 10:49:17 +00:00
Clement Laforet
322d382254 - Remove obsolete patch
Reported by:		Rui Lopes <rgl@ruilopes.com>
2006-09-25 05:41:50 +00:00
Clement Laforet
9f63b13398 - House keeping (update to current standards: USE_RC_SUBR, USE_LDCONFIG,etc.)
- Remove python dependency unless apr_dbd_mysql is built [1]

Required by:		many [1]
2006-09-24 16:16:40 +00:00
Clement Laforet
6ffdbab58e - Update to 2.2.3
- Update apr_dbd to latest version [1]
- Add forgotten mod_authn_alias [2]

Spotted by:     Jim Riggs <freebsd-lists@jimandlissa.com> [1]
                Alexander Wittig <alexander@wittig.name> [2
2006-08-05 20:37:23 +00:00
Clement Laforet
b5c6eb5f0e - Fix security issue in mod_rewrite.
All people using mod_rewrite are strongly encouraged to update.

An off-by-one flaw exists in the Rewrite module, mod_rewrite.
Depending on the manner in which Apache httpd was compiled, this
software defect may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration
files, could be triggered remotely.  For vulnerable builds, the nature
of the vulnerability can be denial of service (crashing of web server
processes) or potentially allow arbitrary code execution.
This issue has been rated as having important security impact
by the Apache HTTP Server Security Team

Updates to latest versions will follow soon.

Notified by:	so@ (simon)
Obtained from:	Apache Security Team
Security: 	CVE-2006-3747
2006-07-27 20:26:29 +00:00
Clement Laforet
71b1a5bb72 - Remove obsolete patch which add support to Windows Update Service when
apache acts as a proxy.

Reported by:	Bjoern Voigt <bjoern@cs.tu-berlin.de>
2006-05-10 19:47:15 +00:00
Clement Laforet
568a8f4a76 - Update to 2.2.2
- Enable mod_version by default
2006-05-01 09:07:28 +00:00
Clement Laforet
1e3b5eb942 - Fix typos in bdb-4.1 m4 macro
Spotted by:	Frank Steinborn <steinex@ircnow.org>
2006-04-30 15:52:08 +00:00
Doug Barton
c49d1a3273 Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
2006-02-20 20:47:50 +00:00
Clement Laforet
a1241eaf2d - add -v to kldload to prevent loading accf_http module if it's statically
built into kernel

Reported by:	many
2006-01-23 11:37:04 +00:00
Clement Laforet
ac3d98838e - ohoh fix apache22.sh
Reported by:	Adam McLaurin <adam.mclaurin@fastmail.fm>,
		Dominique Goncalves <dominique.goncalves@gmail.com>
2006-01-15 01:11:11 +00:00
Clement Laforet
d782b5c3b7 - SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
   non-SSL request is processed for an SSL vhost (such as the
   "HTTP request received on SSL port" error message when an 400
   ErrorDocument is configured, or if using "SSLEngine optional").
   [1]
- reintroduce support of multiple instances of apache in startup
  script [2]
- Add configtest command to apache22.sh [2]
- rewrite detection of accf_http filter to make it works on all
  supported branches.
- fix rcorder [3]
- fix startup at boot time when profiles are used [4]

Spotted by:     simon [1], flz[3]
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au> [2],
                Joe Horn <joehorn@mi.chu.edu.tw> [4]
PR:             ports/91154 [2], ports/90708 [4]
2006-01-14 16:03:43 +00:00
Clement Laforet
1343a99fc9 - Fix envvars.d [1]
- Add apache22_http_accept_enable to load accf_http kernel module [2]
  Additionnally, if it's not defined, we drop accept filter support
- Drop obsolete apache22ssl_enable rc.conf option
- Sync apache22.sh behavior with apachectl
  Add graceful and graceful-stop targets
- Rework categories (add CACHE_MODULES)
- Add support for apr_dbd: MySQL, PostgrSQL and SQLite3 backends are supported
  It adds mod_auth_dbd and mod_dbd automatically

more fixes to come soon...

PR:             ports/90309 [1],
                ports/90103 [2]
Submitted by:   Simun Mikecin <sime@data.home.hr> [1],
                Melvyn Sopacua <melvyn@melvyn.homeunix.net> [2]
2005-12-13 22:26:57 +00:00
Clement Laforet
153589a262 - Fix typo (it's actually in apache SVN repo)
Reported by:	 Matt Smith <matt@xtaz.co.uk>
2005-12-13 10:51:41 +00:00
Clement Laforet
db0466bc1e SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
     to avoid potential cross-site scripting.  Change also made to
     ap_escape_html so we escape quotes.  Reported by JPCERT.
     [Mark Cox]

Reported by:    simon
2005-12-12 20:55:14 +00:00
Clement Laforet
fd90671f79 - Fix plist (forgot when I add mod_filter) [1]
- workaround apr detection. Now apache22 build his own apr, even if apr
  is installed, unless you define WITH_APR_FROM_PORTS.

Reported by:	pointyhat via kris [1]
2005-12-10 11:39:40 +00:00
Clement Laforet
d97c6f0567 - Add apache 2.2.0
It's a temporary layout, I need more time to find the best.
  note that ${PREFIX}/www/(data|errors|cgi)(-dist) disappeared in favor of
  ${PREFIX}/www/apache22
2005-12-03 22:02:58 +00:00
Clement Laforet
0b1f4f30b9 - Update to 2.1.8
Not all new cool stuff is supported but it will be when  2.2.0
  comes out.
2005-10-30 20:39:05 +00:00
Clement Laforet
c571d84e6a - Fix event MPM build [1]
- Add a small UPDATING entry. You have to rebuild all your apache modules.

Reported by:	clement's apache tinderbox [1]
2005-02-24 08:48:57 +00:00
Clement Laforet
4b58bbf26b - Update to 2.1.3
If you can't fetch the distfile, fetch http://httpd.apache.org/dev/dist/httpd-2.1.3-alpha.tar.bz2
into ${PORTSDIR}/distfiles/apache21
2005-02-23 10:59:45 +00:00
Clement Laforet
38893d64f6 - Fix envvar.d stuff 2005-02-05 18:26:21 +00:00
Clement Laforet
ae9562845c - Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:		ports/76152 [1]
Submitted by:		Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]
2005-01-17 20:30:08 +00:00
Clement Laforet
4e80ec5376 o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]
2005-01-11 13:45:05 +00:00
Clement Laforet
9e10a6de6c - Add forgotten patch in previous commit. This fix installation of
stalled ${PREFIX}/sbin/envvar-std

Noticed by:		our wonderful ports janitor pseudo-bot
Huge Pointy Hat to:	me
2004-12-21 08:35:51 +00:00
Clement Laforet
f923f178ec - Sync with www/apache2:
- mod_ssl fix
  - make envvars modular
- Try to make pointyhat happy [1]

Obtained from:  devel/apr [1]
2004-12-18 11:09:00 +00:00
Clement Laforet
97d30de795 - Move standard configuration files to ${EXAMPLESDIR} to not get
dist config files installed in ${PREFIX}/etc/apache21
- Add support for Event MPM and add backport from apr to support
  APR_POLLSET_THREADSAFE (needed by Event MPM and forgotten @ release
  time) [1]
- misc cleanups
- Bump PORTREVISION to reflect all cool changes which occured today ;)

Obtained from:  apr svn repository
2004-12-13 18:48:03 +00:00
Clement Laforet
53975fd702 - Sync apache-apr layout with devel/apr one (to avoid another hack for
subversion)
- Add support for APR_FROM_PORTS
2004-12-13 10:26:52 +00:00
Clement Laforet
a3468fefcb - Add apache 2.1.2
This is a development version, awaiting for 2.2
2004-12-11 18:06:04 +00:00
Clement Laforet
305f53d791 Oops I forgot one file... 2004-03-17 08:44:03 +00:00
Clement Laforet
203ad8c8b9 - Move apache21 to Attic.
Will be back soon ;-)

Suggested by:		kris
2004-03-17 08:41:58 +00:00
Trevor Johnson
15bb1ce95f Update to 2.0.48, which has corrections for two security bugs:
- CAN-2003-0789:  information leak in mod_cgid
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789>
- CAN-2003-0542:  buffer overflow in mod_alias and mod_rewrite
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542>

Use a DIST_SUBDIR.  Use the DOCSDIR macro.

Add options: HTTP_PORT, IPV6_V6ONLY, NO_CGI, NO_ERROR, NO_ICONS,
NO_WWW, NO_WWWDATA, WITHOUT_AUTH, WITHOUT_DAV, WITHOUT_MODULES,
WITHOUT_MODULES, WITHOUT_PROXY, WITH_ALL_STATIC_APACHE, WITH_BERKELEYDB,
WITH_CUSTOM_AUTH, WITH_CUSTOM_PROXY, WITH_DBM, WITH_EXTRA_MODULES,
WITH_MODULES, WITH_MPM, WITH_STATIC_APACHE, WITH_STATIC_MODULES and
WITH_STATIC_SUPPORT

PR:		58654
Submitted by:	Clement Laforet (maintainer)
2003-10-29 22:46:45 +00:00
Hye-Shik Chang
6d59a529a8 [SECURITY FIX]
Update to 2.0.46

See vulnerability details at:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0189

PR:		52768 [1]
Submitted by:	Xin Li <delphij@freebsdchina.org> [1],
		Miguel Mendez <flynn@energyhq.es.eu.org>,
		Trevor Johnson <trevor@FreeBSD.org>,
		Mark Gooderum <mark@verniernetworks.com>,
		John Walsh <zed@maths.tcd.ie>
2003-06-01 00:09:42 +00:00
Hye-Shik Chang
bf43aeb821 Add missed files on the previous commit. 2003-04-04 02:38:27 +00:00
Hye-Shik Chang
408824d8e0 Update to 2.0.45. This update fixes a DDOS vulnerability.
PR:		50564 [1]
Submitted by:	Cy Schubert <cy@FreeBSD.org>, delphij@hotmail.com [1]
Requested by:	many
2003-04-04 02:36:57 +00:00
Hye-Shik Chang
21de316435 Move bin/ap[ru]-config to lib/apache2/ to coexist with devel/apr-devel
Bumped PORTREVISION accordingly.

PR:		ports/39091
Submitted by:	Marc Recht <marc@informatik.uni-bremen.de>
2003-01-08 11:29:55 +00:00
Hye-Shik Chang
433e3d97bd o Change installbuilddir to $PREFIX/share/apache2/build to make porting
3rd party modules easy. [1]
o Include <limits.h> before <sys/syslimits.h> to reduce warnings on -CURRENT

PR:		44104 [1]
Submitted by:	Clement Laforet <sheepkiller@cultdeadsheep.org> [1]
2002-11-15 13:35:56 +00:00
Kris Kennaway
5c8de5fcae Update to apache 1.3.27 and 2.0.43. This fixes a security vulnerability.
Mark apache13-ssl FORBIDDEN because the new version does not yet exist.

Partially based on patches submitted by below authors.

Submitted by:	"Sergey A. Osokin" <osa@freebsd.org.ru>,
		Udo Schweigert <udo.schweigert@siemens.com>,
		Lev A. Serebryakov <lev@serebryakov.spb.ru>
PR:		ports/43682, ports/43688, ports/43666, ports/43681
2002-10-05 09:18:45 +00:00
Hye-Shik Chang
447d43bde3 Update to 2.0.40 2002-08-10 00:56:52 +00:00
Hye-Shik Chang
1e1df07282 - Add a small hack for worker MPM [1]
(worker MPM with this hack seems to work without visible problems.
   and still requires -DFORCE_THREADING_MPM to build for worker MPM.)
- Fix plist for worker MPM
- Comment out fancy modules from default httpd.conf

Tested on:      ref5.freebsd.org, several 4-stable machines [1]
2002-07-21 02:23:33 +00:00
Hye-Shik Chang
2a0ac18cea Correct envvars path on apachectl(1)
Submitted by:	Franco Venturi <fventuri@attbi.com>
2002-07-11 12:24:53 +00:00
Hye-Shik Chang
f3cc6576b2 - Add a patch for a bug on infinite loop in HTTP_IN
filter that allows DoS attack.
- Bump PORTREVISION
- Change maintainer address

Obtained from: Apache Group CVS (rev 1.150-1.151)
2002-07-09 11:22:19 +00:00
Hye-Shik Chang
0360be38d5 Fix more fatal bugs on htpasswd(1)
Requested by:	"Jon Noack" <noackjr@compgeek.com>
Obtained from:	Apache Group CVS (rev 1.49-1.51)
2002-07-08 07:42:04 +00:00
Hye-Shik Chang
d1eb2ba3f9 o Fix the htpasswd logic bug around -c and -n options
o Take away WITH_BUNDLED_EXPAT option (use textproc/expat2)
o Bump PORTREVISION

Prompted by:	Jon Noack <noackjr@rice.edu> (htpasswd)
Obtained from:	Apache Project's CVS (htpasswd)
2002-06-27 00:22:40 +00:00
Patrick Li
159c4b8012 - Sync www/apache13's change (.default -> -dist)
- Change default to WITH_BULDLED_EXPAT
- Reorder .if .endif blocks (.if WITH_MPM must appear earlier than .if
WITHOUT_CACHE)
- Some minor style fixes
- Bump PORTREVISION

PR:		ports/39635
Submitted by:	maintainer
2002-06-21 23:47:25 +00:00
Patrick Li
ea103f8b13 - Update to 2.0.39, the emergency security update.
- Unmark FORBIDDEN

PR:		ports/39477
Submitted by:	maintainer
2002-06-18 23:02:05 +00:00
Ying-Chieh Liao
e55081b766 - Better WITH_SUEXEC support
- Build with textproc/expat2 unless defined(WITH_BUNDLED_EXPAT)

PR:		38552
Submitted by:	maintainer
2002-05-26 13:25:04 +00:00
Cy Schubert
90cd8b73d7 1. Upgrade 2.0.35 --> 2.0.36
2.  Port printed message to "pw userdel www" if port removed permanently.
    However master.passwd 1.25.2.5 has user www by default, so this is no
    longer correct advice.  Removed pkg-deinstall to correct this.

PR:		37849 and 36907
Approved by:	MAINTAINER:  Hye-Shik Chang <perky@fallin.lv>
2002-05-09 03:55:18 +00:00
Ying-Chieh Liao
a7fe341967 Respect $DESTDIR for all paths
PR:		37211
Submitted by:	maintainer
2002-04-18 20:29:41 +00:00